1CO. 


Information Commissioner's Office 


Regulatory Delivery Board Terms of Reference 


1, 


1:1: 


1.2: 


1.3. 


Purpose 


The overall purpose of the SLT Boards is to deliver SLT’s purpose of 
strategic oversight and delivery of cross-office priorities and plans. 
The Boards were created to ensure that sufficient capacity within 
these meetings for consideration, challenge, and scrutiny to deliver 
SLT’s collective role. 


The role of the Regulatory Delivery Board (RDB) is to oversee, 
direct and coordinate the ICO’s work to deliver its regulatory 
functions, in line with the strategic direction set by the Management 
Board. 


The RDB will not take any decisions as to individual cases; these will 
be taken by the respective staff members in line with the 
Commissioner’s scheme of delegations, with advice from the 
Regulatory Panel where sufficiently significant. 


Responsibilities 

The RDB is responsible for oversight and ensuring that risks are 
appropriately identified and mitigated on: 

e The ICO’s regulatory posture to align to the strategic direction. 


e The regulatory design of the ICO to deliver the strategic 
direction set by Management Board and Regulatory Committee. 


e Delivery of the regulatory strategies and performance. 


e Delivery of strategic regulatory issues, particularly those which 
span multiple ICO directorates. 


e Prioritising the use of resources across our regulatory activities. 


e The decision-making structure within the regulatory space which 
is necessary to support the delivery of regulatory activities. 


e Operational manuals to deliver our regulatory activities. 
e how the ICO’s risk appetite is applied in regulatory activities. 


e EDI outcomes of our regulatory work, in line with the public 
sector equality duty and EDI objectives. The RDB will refer 
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issues to the EDI Board as appropriate, and consider issues 
referred to it by the EDI Board. 


e Delivery of regulatory activity with the Digital Regulators’ 
Cooperation Forum. 


Work Programme 


The RDB will maintain a work programme which sets out its 
expected activities to meet these responsibilities for the next 12 
months. The RDB will consider this work programme at each 
meeting. Corporate Governance will keep this work programme up 
to date based on the information provided by RDB members. 


Authority 


The RDB’s authority derives from ET and SLT. Where work of the 
Board is materially contributing to achieving ET’s goals, the Board 
will report this to ET for assurance. Where the work of the Board 
introduces a significant risk to achieving ET’s goals, the Board will 
refer that to the relevant ET member, who may refer this to ET for 
decision. ET’s goals are provided as an annex to these Terms of 
Reference. The RDB will also provide assurance to the Management 
Board, through regular updates via the IRSP report. 


Links to other bodies 


The RDB will receive reports from any other governance group as 
appropriate, and will also refer reports to other groups as 
appropriate. 


Senior Leadership Team 


The Chairs of the RDB will provide a report on the RDB’s activities to 
each meeting of SLT. This includes highlighting any issues to be 
discussed at future Board meetings, to facilitate advanced 
consultation. The RDB’s work programme will also be provided to 
each SLT meeting for information. The RDB may also receive 
reports which have been considered by SLT, where appropriate. 


Where required, other members of the RDB may attend SLT 
meetings to provide information or input from the RDB. 


Other Boards 


The RDB will work collaboratively with the other Boards as 
appropriate, ensuring that views of other Boards are considered 
when the RDB exercises its responsibilities, and understanding that 
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other Boards will act similarly in considering the RDB’s views. This 
may happen at an informal level between Board Chairs or Board 
members. 


The RDB will highlight issues to SLT or refer issues to other Boards 
for information where it is clear that another Board should be aware 
of the work of the RDB. 


There is no overlap between the roles of the Boards. However, in 
exceptional circumstances, there may be issues where approval is 
required by more than one Board before action can be taken. This 
should be avoided wherever possible through discussion between 
Board Chairs and consultation between Board members. However, 
where this is unavoidable, the same report should be reframed and 
presented to both Board meetings, with a clear recommendation on 
the specific decision needed from each Board. Outcomes from one 
Board will be reported to the other Boards. Corporate Governance 
will facilitate this process. 


In the event of a conflict between two Boards, the Chairs should 
meet to determine the way forward and inform Corporate 
Governance accordingly. If conflict remains, the matter should be 
referred to SLT for decision. 


Programmes 


The RDB may be responsible for the delivery of a range of 
programmes. These will be delivered through a separate 
programme board, but as required this programme board will report 
to the RDB to ensure appropriate oversight. 


Projects within the strategic planning and transformation 
programme are the responsibility of Portfolio Board. Information on 
these projects may be shared with RDB as required. 


Executive Team 


The RDB may refer issues to ET where they require clarity, direction 
and approval in areas of greatest corporate risk or opportunity. 


Chair 


The RDB is chaired by the the Deputy Commissioner (Regulatory 
Supervision), the Deputy Commissioner (Regulatory Policy) and the 
Executive Director (Regulatory Risk). It is anticipated that the Chair 
will alternate, with each person chairing once every three months. 


When the Chair is unavailable for a meeting, they will nominate a 
substitute to chair the meeting in their absence. 


Composition 

The RDB comprises: 

e Deputy Commissioner (Regulatory Policy) 

e Deputy Commissioner (Regulatory Supervision) 
e Executive Director (Regulatory Risk) 

e Chief Economist 


e Director of Digital, IT and Business Services (or their 
representative) 


e Director of FOI and Transparency 

e Director of International Regulatory Cooperation 
e Director of Investigations 

e Directors of Legal Services 

e Director of Legislative Reform 

e Director of People Services (or their representative) 
e Director of Public Advice and DP Complaints 

e Director of Regulatory Assurance 

e Director of Regulatory Cyber 

e Director of Regulatory Design 

e Director of Regulatory Policy Projects 

e Director of Regulatory Risk and Supervision 

e PACE Product Owner (Director) 

e Head of ICO 25 Delivery 


Private Secretaries to the Executive Team members involved in the 
Board will attend all meetings. 


The Chairs may amend this membership as required. They will 
report this to the next meeting of the Board when doing so, 
including the reasons for the change in membership. Corporate 
Governance will then update the Terms of Reference. 
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Department Heads within Regulatory Supervision Service and 
Regulatory Futures and Innovation Service may be able attend 
meetings as observers. 


The Chair may also invite any other ICO staff to RDB meetings as 
required. This may include Chairs of other Boards, where an issue 
with crossover to that Board's area of responsibilities is due to be 
discussed. 


Quorum 
The quorum is: 
e The Chair (or their nominated substitute); and 


e At least five other members. 
Information requirements 


All RDB members are responsible for ensuring that appropriate 
information is provided to the RDB to complete its responsibilities, 
including appropriate consultation to ensure that all potential 
impacts are considered before decisions are made. The Chair is 
ultimately responsible for determining what information is required. 


Considering reports by email 


In the event that urgent business is identified between meetings, 
the RDB may consider reports by correspondence, particularly those 
reports not likely to require significant discussion. Corporate 
Governance will facilitate this. 


Any reports considered on this basis must receive sufficient 
responses to constitute the quorum for a RDB meeting. RDB 
members will usually be given one week to consider reports 
circulated by email, but if a clear consensus emerges before that, 
the decision may be implemented sooner. If significant discussion is 
required, the report should be referred to the next Board meeting. 


Corporate Governance will provide a report to each RDB meeting on 
any matters considered by email, the comments received and the 
outcome of the consideration. 


Budget 


The RDB has no specific budget. Any work commissioned by the 
RDB will be funded from budgets within the relevant Directorate(s), 


12. 
12.1 


iy, 
134 


14. 
14.1 


14.2 


14.3 


15. 
15.1 


15.2 
16. 
16.1 


or funded through an approved business case where necessary. This 
should be exercised in accordance with all other ICO budget 
controls. 


Secretariat 
Secretariat is provided by the Corporate Governance Team. 
Frequency of meetings 


The RDB will meet at least once a month. The group may meet 
more frequently, either with approval of the Chairs or, in the Chairs’ 
absence, at the request of at least 4 Board members. 


Evaluation 


On an annual basis (or more frequently if required), SLT will review 
the ICO's corporate governance structure to ensure that it remains 
appropriate. The RDB should ensure that arrangements are in place 
to enable it to feed in to this review and satisfy itself that it is 
discharging its responsibilities effectively and efficiently. 


In order to achieve this, the RDB will undertake a bi-annual review 
of its performance against the agreed forward plan, in order to 
evaluate its effectiveness and areas of improvement. A copy of this 
report will be provided to SLT. 


The RDB should also periodically review the format and quality of 
reports submitted to them and provide feedback on good practice 
and areas of improvement to management teams. 


Publication of papers 


The agenda for each meeting will be published internally via 
SharePoint. The minutes will be published internally via SharePoint, 
once approved. Reports will be published internally via SharePoint 
where deemed appropriate by report authors. 


Agendas, minutes and reports will not be published externally. 
Links to other forums 


The Board's place in the overall governance structure is set out in 
the diagram below. 


Management Board 
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